JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.172

104.207.35.172 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.172

Whois 104.207.35.172

IP Abuse Reports for 104.207.35.172:

This IP address has been reported a total of 136 times from 17 distinct sources. 104.207.35.172 was first reported on June 5th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 05:24:31 (3 weeks ago)	Brute force	Brute-Force
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-01-21 16:11:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 11:10:59.663572 2026] [security2:error] [pid 17040:tid 17040] [client 104.207.35.172:29577] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "advancedmotorsports.com"] [uri "/.env"] [unique_id "aXD6k6xRYNgmytLydZXDaQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-24 07:00:12 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-04 16:03:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 11:03:50.390664 2025] [security2:error] [pid 15311:tid 15311] [client 104.207.35.172:19497] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "peggyannjones.us"] [uri "/.svn/wc.db"] [unique_id "aTGw5v2z6BFtD0j-taFU7QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:35:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:35:37.412154 2025] [security2:error] [pid 27117:tid 27117] [client 104.207.35.172:33447] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.aliamus.com"] [uri "/.env"] [unique_id "aSQY2Ymgp8FZiuHR_jv2twAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:52:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:52:08.681829 2025] [security2:error] [pid 30899:tid 30899] [client 104.207.35.172:35727] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.electric-meat-grinder.com"] [uri "/.git/HEAD"] [unique_id "aSQOqM_tc69UC3fU-b6Y2wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:27:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:27:39.543452 2025] [security2:error] [pid 1231:tid 1231] [client 104.207.35.172:38717] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.flydarkestdays.com"] [uri "/.svn/wc.db"] [unique_id "aSPeu2V98EmUtnsil_zrgAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-10-29 12:08:37 (7 months ago)	WP Admin Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-10-27 21:32:12 (7 months ago)	WP Admin Scan Activities	Web App Attack
🇧🇷 hostseries	2025-10-24 21:22:25 (7 months ago)	Trigger: LF_DISTATTACK	Brute-Force
Anonymous	2025-10-22 16:43:06 (7 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-10-21 01:39:41 (7 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-10-19 03:54:06 (7 months ago)	Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.19 is noted in report ti ... show more Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.19 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-18 18:56:09 (7 months ago)	Attempted brute force login to web vpn 20 time(s); last attempt for 2025.10.18 is noted in report ti ... show more Attempted brute force login to web vpn 20 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 106.75.144.169

🇮🇳 103.174.102.204

🇷🇺 94.180.250.11

🇬🇧 94.156.250.197

🇳🇱 45.142.193.12

🇸🇬 43.156.136.152

🇩🇪 8.209.68.55

🇧🇬 79.124.49.174

🇳🇱 45.148.10.141

🇭🇰 144.48.241.162

🇷🇴 93.114.194.159

🇫🇷 91.231.89.179

🇺🇸 64.62.156.52

🇳🇱 45.153.34.114

🇺🇸 20.64.106.71

🇯🇵 8.216.8.195

🇺🇸 216.73.163.90

🇷🇺 213.234.5.66

🇰🇷 211.253.31.30

🇺🇸 172.253.86.113